Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
File: 3baab427-eefb-4e67-b18e-83fac7ff77ea.roa (raw, json)
Hash identifier: jGaPc78mVENUa71Xk3NDOHtsb1EMOP4wqnv30d1cYMQ=
Subject key identifier: E9:E7:69:83:15:C8:E0:7B:FD:C0:1C:D5:28:A2:7B:45:4F:56:53:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39DBAE37A2F27F7D5676406DE59FAA85C42567FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:db:ae:37:a2:f2:7f:7d:56:76:40:6d:e5:9f:aa:85:c4:25:67:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=07d95cb486dd36660b80c449cfb1f05462a38a8424edce94baf0b5d20f8e8ed4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b5:71:b7:fa:54:cb:f9:fe:28:72:8f:3f:03:
dc:b0:cd:41:23:bb:8c:d9:b2:7c:e7:0d:c9:f8:3f:
37:dc:e3:7b:a0:27:32:a5:d2:45:89:37:38:e6:ff:
a9:b1:b4:b6:61:a9:1a:c4:39:cf:bd:f5:3d:ea:4b:
5f:77:f9:72:ae:4f:28:39:c0:e9:f0:ec:3e:6c:44:
7a:52:ee:be:8a:61:f5:d8:59:92:47:b2:49:db:9f:
2b:03:fe:24:98:8f:c5:87:e8:24:b1:e4:31:0f:0a:
5b:cf:f5:f8:ea:bf:e0:63:7c:5f:5d:9a:12:bd:fc:
47:70:56:be:98:37:4e:e0:3c:c7:89:40:4e:bb:57:
77:7c:f9:bf:81:92:78:be:c0:95:5a:5c:8b:f2:da:
8e:58:df:06:3c:99:de:c1:9e:a4:a6:99:5a:88:ba:
ce:9a:7d:b6:ae:27:06:2a:ee:05:19:18:30:50:bd:
6d:24:61:f9:17:08:60:66:ca:d4:5e:0d:c5:c9:8d:
13:dd:cc:b4:6e:68:50:0b:8d:97:c7:e9:67:c2:f7:
9b:4c:82:cd:a9:3f:48:62:8f:99:3a:e5:9f:92:60:
0f:42:3b:8c:54:55:2b:7b:61:78:91:29:29:12:d4:
f5:c7:52:97:e5:d6:d2:af:05:13:ac:a0:16:5b:e5:
e7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E7:69:83:15:C8:E0:7B:FD:C0:1C:D5:28:A2:7B:45:4F:56:53:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8000::/40
Signature Algorithm: sha256WithRSAEncryption
49:a0:60:13:23:fd:8d:86:23:fa:15:2f:fe:34:89:14:08:70:
d8:52:05:e8:95:49:8c:7b:05:cb:e2:af:b0:de:43:3d:ab:f6:
d6:c7:e5:e8:27:46:88:ee:bf:26:96:83:75:86:6a:02:61:01:
21:62:5a:01:3f:96:0c:bc:ea:53:8a:29:ee:99:c6:b8:ff:2c:
8a:7a:df:7d:6e:f0:10:c8:b2:95:d8:7d:6e:54:7c:58:ba:d7:
7f:4f:bd:d4:dd:d4:d6:e7:72:e6:c8:73:12:2e:00:15:02:0c:
c7:33:9c:6e:93:b9:f2:78:b2:20:9f:c4:72:dd:a5:df:db:b3:
d0:be:22:8a:fe:b3:7f:d8:74:e0:f2:b9:87:ad:76:0d:80:5e:
02:66:d6:11:2e:a4:70:8a:8b:b7:2f:2e:f8:fc:c5:71:b8:55:
36:6e:c9:99:33:13:44:4a:ae:b2:c6:02:42:db:9d:9d:16:46:
aa:da:54:03:6b:ec:fb:9d:6c:92:1f:a5:48:e6:59:d2:ad:27:
a8:e7:22:6a:dc:a4:de:de:8b:97:95:ed:21:75:0f:b1:bd:74:
a4:71:3f:86:be:84:b5:47:25:a6:b8:64:02:98:77:3d:27:0c:
ee:c4:ee:b0:b5:a9:49:e1:ba:ed:2f:64:78:07:2f:ad:97:00:
0f:61:af:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOduuN6Lyf31WdkBt5Z+qhcQlZ/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3ZDk1Y2I0ODZkZDM2NjYwYjgwYzQ0OWNmYjFmMDU0NjJhMzhhODQyNGVk
Y2U5NGJhZjBiNWQyMGY4ZThlZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALW1cbf6VMv5/ihyjz8D3LDNQSO7jNmyfOcNyfg/N9zje6AnMqXSRYk3OOb/
qbG0tmGpGsQ5z731PepLX3f5cq5PKDnA6fDsPmxEelLuvoph9dhZkkeySdufKwP+
JJiPxYfoJLHkMQ8KW8/1+Oq/4GN8X12aEr38R3BWvpg3TuA8x4lATrtXd3z5v4GS
eL7AlVpci/LajljfBjyZ3sGepKaZWoi6zpp9tq4nBiruBRkYMFC9bSRh+RcIYGbK
1F4NxcmNE93MtG5oUAuNl8fpZ8L3m0yCzak/SGKPmTrln5JgD0I7jFRVK3theJEp
KRLU9cdSl+XW0q8FE6ygFlvl59kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTp52mD
Fcjge/3AHNUoontFT1ZTKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JhYWI0MjctZWVmYi00ZTY3LWIxOGUtODNmYWM3ZmY3N2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJoGATI/2NhiP6FS/+NIkUCHDYUgXolUmMewXL
4q+w3kM9q/bWx+XoJ0aI7r8mloN1hmoCYQEhYloBP5YMvOpTiinumca4/yyKet99
bvAQyLKV2H1uVHxYutd/T73U3dTW53LmyHMSLgAVAgzHM5xuk7nyeLIgn8Ry3aXf
27PQviKK/rN/2HTg8rmHrXYNgF4CZtYRLqRwiou3Ly74/MVxuFU2bsmZMxNESq6y
xgJC252dFkaq2lQDa+z7nWySH6VI5lnSrSeo5yJq3KTe3ouXle0hdQ+xvXSkcT+G
voS1RyWmuGQCmHc9JwzuxO6wtalJ4brtL2R4By+tlwAPYa/S
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org